Authentication server
Authentication servers are servers that provide authentication services to users or other systems via networking. Remotely placed users and other servers authenticate to such a server, and receive cryptographic tickets. These tickets are then exchanged with one another to verify identity.

Authentication is used as the basis for authorization (determining whether a privilege will be granted to a particular user or process), privacy (keeping information from becoming known to non-participants), and non-repudiation (not being able to deny having done something that was authorized to be done based on the authentication).

The major authentication algorithms utilized are passwords, Kerberos, and public key encryption.
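
The ticket flow from the opening paragraph, as an added example that is not part of the original article: a user authenticates with a password, receives a ticket, and a service verifies it. The ticket is simplified to an HMAC-protected token under a key the authentication server shares with the service (Kerberos additionally encrypts tickets and carries a session key); all names, keys and the password are constructed.

```python
import base64, hashlib, hmac, json

SALT = b"constructed-salt"  # constructed; use a random per-user salt in practice

def pw_hash(password):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), SALT, 100_000)

# Constructed sample data: one user, one key shared with one service.
USERS = {"alice": pw_hash("correct horse battery")}
SERVICE_KEYS = {"fileserver": b"constructed-key-known-to-fileserver-only"}

def issue_ticket(user, password, service, now, lifetime=300):
    """Authentication server: check the password, then issue a ticket."""
    stored = USERS.get(user, bytes(32))      # hash even for unknown users
    ok = hmac.compare_digest(stored, pw_hash(password))
    if not ok or user not in USERS or service not in SERVICE_KEYS:
        return None
    body = json.dumps({"user": user, "service": service,
                       "exp": now + lifetime}).encode()
    tag = hmac.new(SERVICE_KEYS[service], body, hashlib.sha256).hexdigest()
    return base64.urlsafe_b64encode(body).decode() + "." + tag

def verify_ticket(ticket, service, service_key, now):
    """Service: accept the ticket only if the tag, audience and expiry hold."""
    try:
        b64, tag = ticket.split(".")
        body = base64.urlsafe_b64decode(b64)
        expected = hmac.new(service_key, body, hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, tag):
            return None                      # forged or altered ticket
        claims = json.loads(body)
        if claims["service"] != service or claims["exp"] <= now:
            return None                      # wrong audience or expired
        return claims["user"]
    except (ValueError, KeyError, TypeError, AttributeError):
        return None                          # malformed ticket
```

The service never sees the user's password: it trusts the ticket only because the tag verifies under a key that it shares with the authentication server alone.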
See also
- TACACS+
- RADIUS
- Multi-factor authentication